Cloudera: >> Cloudera Manager Security Vulnerabilities
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-11-08
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges to view the restricted Dashboard.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-11-08
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-11-08
Cloudera Manager 5.x, 6.x, 7.1.x, 7.2.x, and 7.3.x allows XSS via the path parameter.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-11-08
An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x before 6.0.2, and 6.1.x before 6.1.1. Malicious impala queries can result in Cross Site Scripting (XSS) when viewed within this product.
CVSS Score
5.4
EPSS Score
0.003
Published
2019-11-26
Cloudera Manager 5.7.x before 5.7.6, 5.8.x before 5.8.4, and 5.9.x before 5.9.1 allows XSS in the help search feature.
CVSS Score
5.4
EPSS Score
0.003
Published
2019-11-26
Cloudera Manager 5.8.x before 5.8.5, 5.9.x before 5.9.2, and 5.10.x before 5.10.1 allows a read-only Cloudera Manager user to discover the usernames of other users and elevate the privileges of those users.
CVSS Score
8.8
EPSS Score
0.003
Published
2019-11-26
Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow remote authenticated users to inject arbitrary web script or HTML using unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-11-26
Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-11-26
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-11-26
Page 1